文章基本信息

标题：An Efficient Response Time for Shrew Attack Protection in Mitigating Low-Rate Tcp-Targeted Attacks
本地全文：下载
作者：S.Ganesan ; B.Loganathan
期刊名称：International Journal of Computer Trends and Technology
电子版ISSN：2231-2803
出版年度：2013
卷号：4
期号：8-3
出版社：Seventh Sense Research Group
摘要：This paper presents a simple prioritytagging filtering mechanism, called SAP (Shrew Attack Protection), which protects wellbehaved TCP flows against lowrate TCPtargeted Shrew attacks. In this scheme, a router maintains a simple set of counters and keeps track of the drop rate for each potential victim. If the monitored drop rates are low, all packets are treated as normal and equally complete to be admitted to the output queue and only dropped based on the AQM (Active Queue Management) policy when the output queue is full. SAP keeps tagging victim packets as high priority until their drop rate is below the fair drop rate. By preferentially dropping normal packets to protect highpriority packets, SAP can prevent low rate TCPtargeted Shrew attacks from causing a wellbehaved TCP flow to lose multiple consecutive packets repeatedly. This simple strategy protects wellbehaved TCP flows away from near zero throughputs (due to slow start) under an attack.
关键词：Shrew attack; differential tagging; fair drop rat